Verizon unit to pay $4 million US penalty to resolve cybersecurity claims

A person walks by a Verizon store in Manhattan, New York City

WASHINGTON (Reuters) -Verizon Business Network Services, a unit of the telecom giant , agreed to pay $4.1 million to resolve U.S. allegations that it failed to follow required cybersecurity standards, the U.S. Justice Department said.

The settlement resolves allegations that a Verizon service which provides federal agencies with secure internet connections and other external networks did not completely satisfy three required cybersecurity controls in contracts from 2017 to 2021.

"When government contractors fail to follow required cybersecurity standards, they may jeopardize the security of sensitive government information and information systems," Deputy Assistant Attorney General Michael Granston said in a statement.

Verizon said that in 2020 it "proactively identified and disclosed" to the General Services Administration a potential issue with a managed security service that it sells to some federal government agencies. It added that at no time did the potential issue result in a security or data breach.

The settlement did not make any determination of liability.

The department gave Verizon and others credit in settlements with government contractors that "disclose misconduct, cooperate with pending investigations and take remedial measures, all of which are critically important to protecting the nation against cyber threats."

(Reporting by David Shepardson, Costas Pitas and Dan Whitcomb; Editing by Edwina Gibbs)